Changeset View
Changeset View
Standalone View
Standalone View
src/CMakeLists.txt
Show First 20 Lines • Show All 90 Lines • ▼ Show 20 Lines | if(ENABLE_REDUCE_EXPORTS) | ||||
add_linker_flags(-Wl,--exclude-libs,ALL) | add_linker_flags(-Wl,--exclude-libs,ALL) | ||||
endif() | endif() | ||||
# Enable statically linking libstdc++ | # Enable statically linking libstdc++ | ||||
if(ENABLE_STATIC_LIBSTDCXX) | if(ENABLE_STATIC_LIBSTDCXX) | ||||
add_linker_flags(-static-libstdc++) | add_linker_flags(-static-libstdc++) | ||||
endif() | endif() | ||||
# All windows code is PIC, forcing it on just adds useless compile warnings | set(CMAKE_POSITION_INDEPENDENT_CODE ON) | ||||
if(NOT ${CMAKE_SYSTEM_NAME} MATCHES "Windows") | |||||
add_compiler_flags(-fPIC) | |||||
endif() | |||||
if(ENABLE_HARDENING) | if(ENABLE_HARDENING) | ||||
# Enable stack protection | # Enable stack protection | ||||
add_cxx_compiler_flags(-fstack-protector-all -Wstack-protector) | add_cxx_compiler_flags(-fstack-protector-all -Wstack-protector) | ||||
# Enable some buffer overflow checking | # Enable some buffer overflow checking | ||||
add_compiler_flags(-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2) | add_compiler_flags(-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2) | ||||
# Enable ASLR (these flags are primarily targeting MinGw) | # Enable ASLR (these flags are primarily targeting MinGw) | ||||
add_linker_flags(-Wl,--dynamicbase -Wl,--nxcompat -Wl,--high-entropy-va) | add_linker_flags(-Wl,--dynamicbase -Wl,--nxcompat -Wl,--high-entropy-va) | ||||
# Make the relocated sections read-only | # Make the relocated sections read-only | ||||
add_linker_flags(-Wl,-z,relro -Wl,-z,now) | add_linker_flags(-Wl,-z,relro -Wl,-z,now) | ||||
# CMake provides the POSITION_INDEPENDENT_CODE property to set PIC/PIE. | # CMake provides the POSITION_INDEPENDENT_CODE property to set PIC/PIE. | ||||
# Unfortunately setting the -pie linker flag this way require CMake >= 3.14, | # Unfortunately setting the -pie linker flag this way require CMake >= 3.14, | ||||
# which is not widely distributed at the time of writing. | # which is not widely distributed at the time of writing. | ||||
# FIXME: use the POSITION_INDEPENDENT_CODE property instead | # FIXME: remove the fallback case when cmake >= 3.14 get enforced. | ||||
if(NOT ${CMAKE_SYSTEM_NAME} MATCHES "Windows") | if(POLICY CMP0083) | ||||
cmake_policy(SET CMP0083 NEW) | |||||
include(CheckPIESupported) | |||||
check_pie_supported() | |||||
elseif(NOT ${CMAKE_SYSTEM_NAME} MATCHES "Windows") | |||||
add_compiler_flags(-fPIE) | add_compiler_flags(-fPIE) | ||||
add_linker_flags(-pie) | add_linker_flags(-pie) | ||||
else() | endif() | ||||
if(${CMAKE_SYSTEM_NAME} MATCHES "Windows") | |||||
# MinGw provides its own libssp for stack smashing protection | # MinGw provides its own libssp for stack smashing protection | ||||
link_libraries(ssp) | link_libraries(ssp) | ||||
endif() | endif() | ||||
endif() | endif() | ||||
# Enable warning | # Enable warning | ||||
add_c_compiler_flags(-Wnested-externs -Wstrict-prototypes) | add_c_compiler_flags(-Wnested-externs -Wstrict-prototypes) | ||||
add_compiler_flags( | add_compiler_flags( | ||||
▲ Show 20 Lines • Show All 410 Lines • Show Last 20 Lines |